Privacy Policy
Last updated: July 7, 2026
This policy explains what personal data TokenSkim processes, why, and your rights under the EU General Data Protection Regulation (GDPR).
Data controller
The data controller responsible for your personal data is:
Redbit S.r.l.s.
Viale della Grande Muraglia, 494, 00144 Roma (RM), Italy
REA RM1576999 · VAT IT15237911001
PEC: [email protected]
Contact: [email protected]
The most important point first
When you use the free analyzer, your usage export file is parsed entirely inside your browser. The file and its contents are never transmitted to, uploaded to, or stored on our servers. We cannot see your usage data.
What we process, and why
| Data | Purpose | Legal basis (GDPR Art. 6) |
|---|---|---|
| Analytics & usage (via Google Analytics 4) — pseudonymous device and interaction data, with IP anonymized | Understand how the site is used and improve it | Consent (Art. 6(1)(a)), collected via our consent banner |
| Contact data (email address) when you write to us | Respond to your request | Legitimate interest / pre-contractual steps |
| Order & billing data for paid services (name, email, billing details) — card data is handled directly by Stripe, we never receive it | Provide and invoice paid audits and monitoring | Performance of a contract (Art. 6(1)(b)) |
| Technical logs (IP address, user agent, timestamps) | Security, abuse prevention, operating the service | Legitimate interest (Art. 6(1)(f)) |
Service providers (processors) and third parties
We rely on the following providers, who process data on our behalf or as independent controllers:
- Google (Google Analytics 4) — analytics, only after your consent.
- InMobi (Choice CMP) — manages your consent choices (IAB TCF v2.2).
- Stripe — payment processing for paid services.
- Cloudflare — content delivery, DNS and security.
- Our self-hosted email infrastructure — to receive and answer your messages.
Some providers (e.g. Google, Stripe, Cloudflare) may process data outside the EEA. Where this happens, transfers are covered by appropriate safeguards such as the European Commission's Standard Contractual Clauses.
Retention
We keep personal data only as long as necessary for the purposes above: analytics data per our Google Analytics configuration; order data for the period required by tax and accounting law; technical logs for a limited period for security purposes.
Your rights
Under the GDPR you have the right to access, rectify, erase, restrict or object to the processing of your personal data, to data portability, and to withdraw consent at any time (without affecting prior processing). To exercise these rights, contact us at [email protected]. You also have the right to lodge a complaint with your supervisory authority — in Italy, the Garante per la protezione dei dati personali.
Cookies
For details on cookies and similar technologies, see our Cookie Policy. You can change your choices at any time via the "Cookie settings" link in the footer.
Changes
We may update this policy. The current version is always available on this page, with the date shown above.